NowSecure Mobile Security Researcher Dawn Isabel has been an avid contributor to bug bounties over the years and has earned many accolades. Before joining the expert research team at NowSecure, Isabel amassed well-rounded experience at IOActive, Hewlett Packard Enterprise, the University of Michigan and Ford Motor Company. We recently spoke with
Isabel about testing the security of iOS and Apple Watch apps, the bug bounty community, and the tools she uses most.
NowSecure announces the release of NowSecure Workstation 6.0. The turnkey hardware and software kit that empowers analysts to quickly conduct deep mobile application security assessments of Android and iOS apps and generate customized reports with actionable results users can trust. Traditional mobile app penetration testing can consume at least two weeks of manual effort and requires ample expertise and an abundance of open-source tools. NowSecure Workstation reduces testing time from weeks to mere hours, driving dramatic 10x productivity gains and scalability.
Reverse engineering refers to the process of taking something apart to see how it works. The NowSecure Services team frequently performs reverse engineering on mobile apps to uncover security vulnerabilities and privacy flaws. This tutorial will help you master the basics of analyzing an Android app and knowing what to look for.
Although we recommend periodic in-depth pen tests for high-risk mobile apps that run business-critical processes or access sensitive information, this practice doesn’t scale well for DevOps teams. Mobile app pen testing requires intense human labor that simply can’t keep pace with the volume, velocity and frequency of DevOps releases. Many organizations can benefit from incorporating automated mobile appsec testing in the mobile DevSecOps toolchain to speed the delivery of secure mobile apps.
Mobile app security professionals who connect and engage with the broader mobile appsec community can amplify their efforts and learn from each other. Combined, the NowSecure services team members have pen tested thousands of mobile apps. They share three key best practices for mobile app pen testing that practitioners can adopt to meet their organizations’ needs.
Because NowSecure was founded as a mobile application forensics company a decade ago, penetration testing is built into our DNA. We’ve tested thousands of Android and iOS apps on behalf of our customers, uncovered some scary vulnerabilities and helped customers improve the security of their mobile apps. The following is the third installment of an
PRIVACY DISCLOSURE: NowSecure uses first party and third party cookies to provide functions of this website and our services, to uniquely identify visitors, to analyze use of our website, and to target our marketing. You can choose to block cookies using your browser settings. By continuing to use our website or services you indicate your agreement. To learn more about the cookies we use and how we may collect and use your personal data, visit our Privacy Policy
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.